NEAS[.]de94cf31192a4218e38782785c6b91e0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.de94cf31192a4218e38782785c6b91e0.exe
Size

5KB
MD5

de94cf31192a4218e38782785c6b91e0
SHA1

580cbcd92a21f8d6511e437dd3c72ec3a0475e39
SHA256

d8edcabfc9d2d5cf08762c6c0fb30145bd10a4aff4f67516177582a32361b7d6
SHA512

9431f72494437131a4852e104182ca788579f0eece73a959672f52dacd4f66c875a6ca96ea6a023c05c41173844ad5753d7974359646dddbc0a5c18226d1702a
SSDEEP

48:6VsmtHYWXQWfYpTE66auVzT4DmzuVBQTpRONpTrg7vYaARtRF9orw5Bf:GBtHNXQSYBvAh4QkuTpROHTre94H3or

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.de94cf31192a4218e38782785c6b91e0.exe

Files

NEAS.de94cf31192a4218e38782785c6b91e0.exe
.exe windows:4 windows x64

ba43502c8fc48d18d293624833cab2f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemTime
Sleep
ExpandEnvironmentStringsA

msvcrt

memmove
printf
system
_vsnprintf
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOctetsCpy
SnmpUtilOidAppend
SnmpUtilVarBindCpy
SnmpUtilMemFree
SnmpUtilMemReAlloc
SnmpSvcGetUptime
SnmpUtilOidNCmp

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ